What is the cookie OWAPF used for from login.microsoft.com?

DileepaA 1 Reputation point
2020-11-02T15:39:11.4+00:00

Our security scanner detected that the cookie OWAPF used for from login.microsoft.com does not have a secure or HttpOnly attribute set. Does anyone know what the cookie is used for or why it doesn't have the attributes set?

Thanks.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,808 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Marilee Turscak-MSFT 36,846 Reputation points Microsoft Employee
    2020-11-02T21:53:55.017+00:00

    It seems to be associated with outlook. Based on this post, it looks like it can be removed by cleaning your cookies. Have you tried that?

    I have also reached out to the product team to as about this as I also have not encountered it personally.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.